cakir (OP)
Legendary
 Offline
Activity: 1274
Merit: 1000
★ BitClave ICO: 15/09/17 ★
|
 |
March 25, 2015, 10:53:34 PM |
|
Here's a scenario about 51% Attack and it may be achieved cheaper (maybe the cheapest).
First of all, we need botnet, so we're creating porn sites etc to create a botnet; or we already have one. At least 1 million zombie PCs.
Secondly, we're detecting all stratum ip's and ports of major pools etc. Let's say we've found 1000 of them and that's equal to 95% of the network hashrate.
Preparing for attack:
Calculating the next diff retarget block. Let's say it's gonna be on 350.000th block.
When the miners found 349.999th block we start a ddos attack on those stratums to reduce the network HS. When the 350.000th block found Diff should be lowered to 5% of the previous diff.
Before the attack we had 300 phs network hs but now we have 5% of it so it's 15 phs. (We're still ddos'ing other pools)
We need 16 phs to gain 51% of the network. Let's say we have it.
And so we may achieve 51% attack cheaper...
What do you think about that scenario? Can it be achieved or not? If not why?
|
|
|
|
|
|
|
,'#██+:
,█████████████'
+██████████████████
;██████████████████████
███████: .███████`
██████ ;█████'
`█████ #████#
████+ `████+
████: ████,
████: .# █ ████
;███+ ██ ███ ████
████ ███' ███. '███,
+███ #████ ,████ ████
████ █████ .+██████: █████+ `███.
,███ ███████████████████████ ████
████ ███████████████████████' :███
███: +████████████████████████ ███`
███ █████████████████████████` ███+
,███ ██████████████████████████ #███
'███ '██████████████████████████ ;███
#███ ███████████████████████████ ,███
████ ███████████████████████████. .███
████ ███████████████████████████' .███
+███ ███████████████████████████+ :███
:███ ███████████████████████████' +███
███ ███████████████████████████. ███#
███. #██████████████████████████ ███,
████ █████████████████████████+ `███
'███ '████████████████████████ ████
███; ███████████████████████ ███;
████ #████████████████████ ████
███# .██████████████████ `███+
████` ;██████████████ ████
████ '███████#. ████.
.████ █████
'████ █████
#████' █████
+█████` ██████
,██████: `███████
████████#;,..:+████████.
,███████████████████+
.███████████████;
`+███████#,
| |
|
|
|
|
|
|
|
|
|
|
According to NIST and ECRYPT II, the cryptographic algorithms used in
Bitcoin are expected to be strong until at least 2030. (After that, it
will not be too difficult to transition to different algorithms.)
|
|
|
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
|
|
|
|
|
|
|
Lauda
Legendary
Offline
Activity: 2674
Merit: 2965
Terminated.
|
|
March 25, 2015, 11:00:39 PM |
|
Here's a scenario about 51% Attack and it may be achieved cheaper (maybe the cheapest).
First of all, we need botnet, so we're creating porn sites etc to create a botnet; or we already have one. At least 1 million zombie PCs.
Secondly, we're detecting all stratum ip's and ports of major pools etc. Let's say we've found 1000 of them and that's equal to 95% of the network hashrate.
Preparing for attack:
Calculating the next diff retarget block. Let's say it's gonna be on 350.000th block.
When the miners found 349.999th block we start a ddos attack on those stratums to reduce the network HS. When the 350.000th block found Diff should be lowered to 5% of the previous diff.
Before the attack we had 300 phs network hs but now we have 5% of it so it's 15 phs. (We're still ddos'ing other pools)
We need 16 phs to gain 51% of the network. Let's say we have it.
And so we may achieve 51% attack cheaper...
What do you think about that scenario? Can it be achieved or not? If not why?
This doesn't make sense. If the network had 300 PHs, and it was reduced by 5% or 15 PHs then the remaining hashrate would be 285 PHs. 51% would require at least 145 PHs, if not more. Did you pull that 16 PHs number out of a hat? Good luck getting all major pools down at the same time. This is why DDOS protection exists. |
"The Times 03/Jan/2009 Chancellor on brink of second bailout for banks" 😼 Bitcoin Core ( onion) |
|
|
cakir (OP)
Legendary
Offline
Activity: 1274
Merit: 1000
★ BitClave ICO: 15/09/17 ★
|
|
March 25, 2015, 11:04:04 PM |
|
-snip-
This doesn't make sense. If the network had 300 PHs, and it was reduced by 5% or 15 PHs then the remaining hashrate would be 285 PHs. 51% would require at least 145 PHs, if not more.
Did you pull that 16 PHs number out of a hat?
Good luck getting all major pools down at the same time. This is why DDOS protection exists.
Nope, you're not lowering by 5% percent. You're lowering it to 5% percent. We're ddos'ing 95% percent of the network remember? |
|
|
|
|
|
|
,'#██+:
,█████████████'
+██████████████████
;██████████████████████
███████: .███████`
██████ ;█████'
`█████ #████#
████+ `████+
████: ████,
████: .# █ ████
;███+ ██ ███ ████
████ ███' ███. '███,
+███ #████ ,████ ████
████ █████ .+██████: █████+ `███.
,███ ███████████████████████ ████
████ ███████████████████████' :███
███: +████████████████████████ ███`
███ █████████████████████████` ███+
,███ ██████████████████████████ #███
'███ '██████████████████████████ ;███
#███ ███████████████████████████ ,███
████ ███████████████████████████. .███
████ ███████████████████████████' .███
+███ ███████████████████████████+ :███
:███ ███████████████████████████' +███
███ ███████████████████████████. ███#
███. #██████████████████████████ ███,
████ █████████████████████████+ `███
'███ '████████████████████████ ████
███; ███████████████████████ ███;
████ #████████████████████ ████
███# .██████████████████ `███+
████` ;██████████████ ████
████ '███████#. ████.
.████ █████
'████ █████
#████' █████
+█████` ██████
,██████: `███████
████████#;,..:+████████.
,███████████████████+
.███████████████;
`+███████#,
| |
|
|
|
Meuh6879
Legendary
Offline
Activity: 1512
Merit: 1011
|
|
March 25, 2015, 11:22:32 PM |
|
(We're still ddos'ing other pools)
try. and the next 30min after ... all pools migrate automaticly to P2Pool isolate network and DDoS protected. any actual P2Pool nodes can achieve 8 connexion per sec. (at minimal level) and you have 2400 available connexion for miner in real time now (300 nodes). you can't win. security measure of pools are to automaticly switch to P2Pool. that why, we (P2Pool) have regulary +500Th/s but only 30 mins to test the security measures. |
|
|
|
|
odolvlobo
Legendary
Offline
Activity: 4298
Merit: 3214
|
|
March 25, 2015, 11:35:36 PM |
|
Can you address these? - Public pools make up much less than 95% of the mining power.
- Difficulty and block is irrelevant. Why do you bring them up?
- If you shut down 95% and you have 6%, blocks will take 90 minutes each. Your DDOS will have to be maintained for a long time in order to successfully double spend.
|
Join an anti-signature campaign: Click ignore on the members of signature campaigns.
PGP Fingerprint: 6B6BC26599EC24EF7E29A405EAF050539D0B2925 Signing address: 13GAVJo8YaAuenj6keiEykwxWUZ7jMoSLt
|
|
|
Soros Shorts
Donator
Legendary
Offline
Activity: 1617
Merit: 1011
|
|
March 25, 2015, 11:54:09 PM |
|
Big farms make direct stratum connections to their own pools through private networks. You can't DDoS these.
My little farm connects to BTC Guild, but will failover to my local p2pool node if BTC Guild goes down. Furthermore, my p2pool node makes direct connections only to trusted non-mining p2pool nodes that I control, so you can never hit my mining node directly from the internet.
|
|
|
|
|
cakir (OP)
Legendary
Offline
Activity: 1274
Merit: 1000
★ BitClave ICO: 15/09/17 ★
|
|
March 26, 2015, 12:03:33 AM |
|
(We're still ddos'ing other pools)
try. and the next 30min after ... all pools migrate automaticly to P2Pool isolate network and DDoS protected. any actual P2Pool nodes can achieve 8 connexion per sec. (at minimal level) and you have 2400 available connexion for miner in real time now (300 nodes). you can't win. security measure of pools are to automaticly switch to P2Pool. that why, we (P2Pool) have regulary +500Th/s but only 30 mins to test the security measures. I don't know much about P2Pools, I'll check it. Can you address these? - Public pools make up much less than 95% of the mining power.
- Difficulty and block is irrelevant. Why do you bring them up?
- If you shut down 95% and you have 6%, blocks will take 90 minutes each. Your DDOS will have to be maintained for a long time in order to successfully double spend.
* Yes I know, according to blockchain.info/pools it's 78% percent of the current hash. ** Actually it's quite relevant. We want to lower cost of attack. If we want to find blocks faster than others with less asics then we need lower diff. Also we need to target the block which is the future diff retargeting block. *** It's a probabilty actually. 20x lower diff may equal up to 200 minutes. But if we're lucky enough, we can achieve that. Big farms make direct stratum connections to their own pools through private networks. You can't DDoS these.
Attacker needs to find their connection to the outer network. They should use some ip addresses to broadcast block candidates. So it really doesn't matter their inner connection. |
|
|
|
|
|
|
,'#██+:
,█████████████'
+██████████████████
;██████████████████████
███████: .███████`
██████ ;█████'
`█████ #████#
████+ `████+
████: ████,
████: .# █ ████
;███+ ██ ███ ████
████ ███' ███. '███,
+███ #████ ,████ ████
████ █████ .+██████: █████+ `███.
,███ ███████████████████████ ████
████ ███████████████████████' :███
███: +████████████████████████ ███`
███ █████████████████████████` ███+
,███ ██████████████████████████ #███
'███ '██████████████████████████ ;███
#███ ███████████████████████████ ,███
████ ███████████████████████████. .███
████ ███████████████████████████' .███
+███ ███████████████████████████+ :███
:███ ███████████████████████████' +███
███ ███████████████████████████. ███#
███. #██████████████████████████ ███,
████ █████████████████████████+ `███
'███ '████████████████████████ ████
███; ███████████████████████ ███;
████ #████████████████████ ████
███# .██████████████████ `███+
████` ;██████████████ ████
████ '███████#. ████.
.████ █████
'████ █████
#████' █████
+█████` ██████
,██████: `███████
████████#;,..:+████████.
,███████████████████+
.███████████████;
`+███████#,
| |
|
|
|
DeathAndTaxes
Donator
Legendary
Offline
Activity: 1218
Merit: 1079
Gerald Davis
|
|
March 26, 2015, 12:06:22 AM |
|
The retargeting is based on the time to solve the entire 2014 blocks in the targeting period. If you DDOSed 95% of the hashrate sucessfully then you would increase the expected time to solve the last block by 20x but that would only marginally increase the overall period time. This would mean an only marginal reduction in the overall difficulty. 1 - 2016 / (2015+1/0.05) = 0.9%. To reduce the difficulty by 95% in one targeting period would require keeping 95% of the hashrate unable to submit a block for 40 weeks. If you think you can DDOS a global distributed network for the better part of a year then yes your plan would work. Well sort of, the max reduction is 75% so even if you DDOS 99.999999% of the hashrate you can't reduce difficulty by more than that. |
|
|
|
|
Soros Shorts
Donator
Legendary
Offline
Activity: 1617
Merit: 1011
|
|
March 26, 2015, 12:07:35 AM |
|
Attacker needs to find their connection to the outer network. They should use some ip addresses to broadcast block candidates. So it really doesn't matter their inner connection.
They probably use Matt Corallo's private backbone to broadcast transactions amongst themselves first. You'd have a hard time plugging all the egress points. Even if you did, the big players already see each other's blocks first. |
|
|
|
|
cakir (OP)
Legendary
Offline
Activity: 1274
Merit: 1000
★ BitClave ICO: 15/09/17 ★
|
|
March 26, 2015, 12:10:29 AM |
|
The retargeting is based on the time to solve the entire 2014 blocks. So even if you DDOSed 95% of the hashrate to increase the length of time to solve the last block difficulty would only be reduced by:
1 - 2016 / (2015+1/0.05) = 0.9%.
To reduce difficulty by 95% would require keeping 95% of the hashrate unable to solve a block for 40 weeks. If you think you can DDOS a global distributed network for the better part of a year then yes your plan would work.
I thought diff retarget function just checks the last block's hash power. Can you give me github link about your calculation?
Attacker needs to find their connection to the outer network. They should use some ip addresses to broadcast block candidates. So it really doesn't matter their inner connection.
They probably use Matt Corallo's private backbone to broadcast transactions amongst themselves first. You'd have a hard time plugging all the egress points. Wow! I just heard another thing. Can you provide me source about how this backbone works? |
|
|
|
|
|
|
,'#██+:
,█████████████'
+██████████████████
;██████████████████████
███████: .███████`
██████ ;█████'
`█████ #████#
████+ `████+
████: ████,
████: .# █ ████
;███+ ██ ███ ████
████ ███' ███. '███,
+███ #████ ,████ ████
████ █████ .+██████: █████+ `███.
,███ ███████████████████████ ████
████ ███████████████████████' :███
███: +████████████████████████ ███`
███ █████████████████████████` ███+
,███ ██████████████████████████ #███
'███ '██████████████████████████ ;███
#███ ███████████████████████████ ,███
████ ███████████████████████████. .███
████ ███████████████████████████' .███
+███ ███████████████████████████+ :███
:███ ███████████████████████████' +███
███ ███████████████████████████. ███#
███. #██████████████████████████ ███,
████ █████████████████████████+ `███
'███ '████████████████████████ ████
███; ███████████████████████ ███;
████ #████████████████████ ████
███# .██████████████████ `███+
████` ;██████████████ ████
████ '███████#. ████.
.████ █████
'████ █████
#████' █████
+█████` ██████
,██████: `███████
████████#;,..:+████████.
,███████████████████+
.███████████████;
`+███████#,
| |
|
|
|
DeathAndTaxes
Donator
Legendary
Offline
Activity: 1218
Merit: 1079
Gerald Davis
|
|
March 26, 2015, 12:14:17 AM |
|
I thought diff retarget function just checks the last block's hash power. How do you 'check hash power' in a provable trustless manner? The network has no concept of hash power only time and the previous required difficulty. Difficulty is set so the median time between blocks is 10 minutes. 2016 blocks therefore should take 20,160 minutes. If it is 1% longer than that then difficulty is reduced 1% it it is 1% shorter than that difficulty is raised 1%. https://github.com/bitcoin/bitcoin/blob/e564e63ef04e55b1e446f8440d51c611bc41cec6/src/pow.cpp#L15 |
|
|
|
|
lassdas
Legendary
Offline
Activity: 3649
Merit: 1412
|
|
March 26, 2015, 12:18:13 AM |
|
To reduce the difficulty by 95% in one targeting period ...
Correct me, if i'm wrong, but afaik it is simply impossible to reduce the difficulty by 95% in one targeting period. The maximum possible reduction in one targeting period is down to 1/4 of current diff (or if going up, 4x current), isn't it? |
|
|
|
|
DeathAndTaxes
Donator
Legendary
Offline
Activity: 1218
Merit: 1079
Gerald Davis
|
|
March 26, 2015, 12:19:11 AM |
|
Correct me, if i'm wrong, but afaik it is simply impossible to reduce the difficulty by 95% in one targeting period.
The maximum possible reduction in one targeting period is down to 1/4 of current diff (or if going up, 4x current), isn't it?
That is correct. |
|
|
|
|
cakir (OP)
Legendary
Offline
Activity: 1274
Merit: 1000
★ BitClave ICO: 15/09/17 ★
|
|
March 26, 2015, 12:27:11 AM |
|
Thanks a lot guyz!
I've got my answers, why this scenario won't work.
(ps: locking the thread, if you want to add something pm me for unlocking).
|
|
|
|
|
|
|
,'#██+:
,█████████████'
+██████████████████
;██████████████████████
███████: .███████`
██████ ;█████'
`█████ #████#
████+ `████+
████: ████,
████: .# █ ████
;███+ ██ ███ ████
████ ███' ███. '███,
+███ #████ ,████ ████
████ █████ .+██████: █████+ `███.
,███ ███████████████████████ ████
████ ███████████████████████' :███
███: +████████████████████████ ███`
███ █████████████████████████` ███+
,███ ██████████████████████████ #███
'███ '██████████████████████████ ;███
#███ ███████████████████████████ ,███
████ ███████████████████████████. .███
████ ███████████████████████████' .███
+███ ███████████████████████████+ :███
:███ ███████████████████████████' +███
███ ███████████████████████████. ███#
███. #██████████████████████████ ███,
████ █████████████████████████+ `███
'███ '████████████████████████ ████
███; ███████████████████████ ███;
████ #████████████████████ ████
███# .██████████████████ `███+
████` ;██████████████ ████
████ '███████#. ████.
.████ █████
'████ █████
#████' █████
+█████` ██████
,██████: `███████
████████#;,..:+████████.
,███████████████████+
.███████████████;
`+███████#,
| |
|
|
|
|
